Security scanner for AI infrastructure and supply chain. AI agent discovery (30 MCP clients), AST source code analysis, AI BOM generation (CycloneDX 1.6 ML extensions), CVE scanning (OSV/NVD/EPSS/KEV), blast radius mapping (CVE → package → MCP server → agent …
agent-bom 0.74.0
The security scanner tool 'agent-bom 0.74.0' has been updated to address risks associated with AI infrastructure and supply chain vulnerabilities. Users of this tool, particularly those managing AI agents and MCP servers, are affected by potential Remote Code Execution (RCE) and supply chain attack vectors. The update introduces critical improvements to detect and mitigate blast radius mapping of CVEs to packages, MCP servers, and agents.